Rhythmyx 7.3.2 October 2017 Patch

Here you can find information regarding the latest Rhythmyx patch release.  Please see the support portal at https://support.percussion.com for access to product Downloads and Patches.


Patch id: 732_20171007b

This patch update fixes some issues in 732_20171007 we recommend all customers upgrade to this patch even if they have already installed 732_10171007

  1. Update to jetty to jetty-9.4.7.v20170914
  2. Fix Jetty ActiveMQ memory configuration
  3. Improve Linux Jetty installation and startup scripts
  4. Updates to SFTP client for latest security
  5. Error Handling and performance fixes 6. Fixup Assembly time Includes. Allow for publishing items with different filter in the content list than Assembly

Known Issues

RHYT-1634 - fixes an issue where you could not save in the UI if setting up ssl. There is still an issue where the tool is only currently saving Jetty ssl configuration.  JBoss will need to be manually configured.   If you select a keystore to be used you should make sure you add the jetty server keystore in the jetty\base\etc folder and use just the filename in the UI. in the base\etc\installation.properties file that is updated by the UI the selected filename will be appended with 'etc/' to make it relative to the jetty\base folder. Currently selecting a Full windows path e.g. starting with "c:\" will cause the service to fail to start.

Download

Downloads are available via the support portal at https://support.percussion.com

Changelist

Release notes - Rhythmyx - Version 7.3.2 20171007

Changes

  1. Update to jetty to jetty-9.4.7.v20170914
  2. Fix Jetty ActiveMQ memory configuration
  3. Improve Linux Jetty installation and startup scripts
  4. Updates to SFTP client for latest security
  5. Error Handling and performance fixes
  6. Fixup Assembly time Includes. Allow for publishing items with different filter in the content list than Assembly

Bug

  • [RHYT-1584] - DCE: Cannot Preview content of type "File" or "Image"
  • [RHYT-1661] - Cleanup system parameters from jvm.ini
  • [RHYT-1662] - DCE in editor preview dialog can add bad default extension to default filename to save if sys_title has no extension
  • [RHYT-1639] - contrast.mod serialization security in jetty fails to start due to incorrect path
  • [RHYT-1640] - Patch install failing at end on linux due to rhythmyx.home path
  • [RHYT-1664] - DCE new items do not save to folder
  • [RHYT-1666] - legacy sys_File control sets type in DCE for pdf extensions as application/octet-stream
  • [RHYT-1697] - Jetty Rhythmyx Service on windows doesn't stop
  • [RHYT-1697] - OSX - DCE File Saver dialog updating file name to wrong extension

Bug from original 20171007 

  • [RHYT-1514] - Inline image preview not working in DCE
  • [RHYT-1519] - Clicking on Rhythmyx inline links in tinyMCE loads the target content in DCE
  • [RHYT-1521] - DCE is overriding context menu actions of TinyMCE
  • [RHYT-1527] - DCE - Promoting revisions results in blank screen
  • [RHYT-1532] - Assembly time nav include - Breaks page navigation due to missing include file for navon in draft state
  • [RHYT-1584] - DCE: Cannot Preview content of type "File" or "Image"
  • [RHYT-1601] - DCE: Related Content Links Do Not Work
  • [RHYT-1608] - Fix Jetty ActiveMQ memory issues and allow customer configuration
  • [RHYT-1611] - NavonInvocationHandler throwing UndeclaredThrowableException and loosing cause
  • [RHYT-1615] - DCE - Active Assembly Table Editor "Move to another slot and/or change variant" does not work
  • [RHYT-1617] - JSCH SFTP client out of date - update to 1.0.54 to support modern ciphers
  • [RHYT-1619] - Do not get ObjectManager from spring every time it is requested store reference in static
  • [RHYT-1620] - Change missing landing page error to warning and set maximum times to log
  • [RHYT-1621] - Navigation slots being loaded from DB for every nav item
  • [RHYT-1622] - Remove parse error logging from Jericho unless specifically turned on for class
  • [RHYT-1623] - Suppress JBoss ClientAbortException Errors
  • [RHYT-1624] - Update Jetty Linux service scripts, allow install and uninstall
  • [RHYT-1612] - Update jetty from jetty-9.3.7.v20160115 to jetty-9.4.7.v20170914
  • [RHYT-1613] - A folder id of 0 for no folderid will prevent folder being located automatically on site path.
  • [RHYT-1634] - RhythmyxServerPropertiesEditor does not save properties if ssl keystore is set
  • [RHYT-1635] - DCE logging configuration not working without change to log4j.properties
  • [RHYT-1636] - Force DCE Login window to top
  • [RHYT-1637] - Make sure jetty/base/perc-ssl.ini is removed if it was manually added as module is no longer used.

Update to jetty.

This brings jetty to the latest version at time of patch jetty-9.4.7.v20170914. As well as ensuring we have all the latest up to date security fixes, this release has improvements to the module system that provides more flexibility in providing future updates with separation of customer configurations from code delivered by percussion, and from core jetty implementation.

The {installation root}/jetty/upstream and {installation root}/jetty/defaults folders will be backed up and replaced when installing the patch. These folders should not be updated by customers. Upstream contains an untouched Jetty distribution, defaults contains percussion configuration on top of the distribution, any customer specific configuration should always be in the base folder.

As part of splitting out this configuration this patch will move database driver jar files from existing jetty/defaults/lib/perc folder into jetty/base/lib/jdbc folder. if the jetty/base/lib/jdbc folder exists the jars contained in it will be used instead of any within the jetty/defaults/lib/jdbc delivered with the patch.

A backup of the original jetty/upstream and jetty/defaults folders can be found in Patch/732_20171007/backup/jetty/defaults.zip and Patch/732_20171007/backup/jetty/upstream.zip. If any changes had been made to these folders.

Percussion jetty documentation can be found https://help.percussion.com/rhythmyx/implementation/jetty/index.html

Jetty Sevice Scripts

The service installation script for Linux has been updated to allow it to work on more systems and also to allow for the creation of services for multiple instances on the same machine. The default service name is rxjetty. The Script can now be run from any folder. The install script requires root/sudo and the Start script will change to the correct user automatically if running as root. The user owner is based upon the owner of the top level Rhythmyx Installation root. The server installation script will change permissions on all sub items to match

The service script will do the following on install

  1. Check is made to see if Service already exists or a service with a different name is set up to start this instance based upon its configured folder path.
  2. jetty/defaults/bin/rxjetty.sh is copied to /etc/init.d/rxjetty and it will change the token ${rxjetty_service} to the service name e.g. rxjetty by default.
  3. It will create config file with paths to instance in /etc/default/rxjetty - Note if instance is moved the service will need to be reinstalled or the paths in this file in /etc/default be updated.
  4. It will set up a folder to store pid files to indicate if process is running.
  5. Owner of the Rhythmyx Root directory will be checked and chown will be run recursively on the folder to fix any issues caused by running as the wrong user.
  6. It will run status on the service to check it is configured correctly and report configured info
  7. The service will be installed to run at startup.

It will attempt to use chkconfig or update-rc.d depending on the system to allow the service to restart automatically on reboot. Headers are included the script to allow both of these commands to work.

./install-jetty-service.sh uninstall ./install-jetty-service.sh install

If a service needs to be created for a different instance then the command can be run with an alternate service name. e.g.

./install-jetty-service rxjetty2 install ./install-jetty-service rxjetty2 uninstall

Further jetty service information can be found at https://help.percussion.com/rhythmyx/implementation/jetty/installing-starting-and-stopping-the-new-jetty-service.html

ActiveMQ configuration

Previous ActiveMQ configuration file activemq.xml was not being picked up. This could cause memory issues if the Content List items were not able to be assembled quicker than they were added to the queue. A large backlog of queued items were being built up using memory. The new configuration uses a local data storage to keep a record of the items and should prevent the running out of memory. The default configuration containing the memory and disk limits is now stored in jetty/defaults/etc/activemq/activemq.xml This should have suitable limits to memory and disk storage for most customers. If these do need adjusting the file should be copied to jetty/base/etc/activemq/activemq.xml . If the folder jetty/base/etc/activemq exists then jetty/defaults/etc/activemq will be ignored, so to go back to using the defaults you should delete the whole jetty/base/etc/activemq folder and not just the file.

We currently ship Active MQ 5.7.0

Fixes to Desktop Content Explorer and TinyMCE within DCE

The default TinyMCE configuration had been updated to allow the browser right-click context menu to appear instead of the TinyMCE menu. This allows for the browser spell checker to work within TinyMCE. The DCE is not within a browser and it does not have its own spell check feature. Tiny MCE does provide a spell checker in its context menu but only as a premium plugin that is separately licensed.

The DCE would ignore requests from TinyMCE to show its own context menu even when included in the plugins list and the code has been modified to allow TinyMCE context menu to show, this does not enable browser spellcheck for DCE.

A previous patch removed the contextmenu plugin from the default TinyMCE configuration to allow the browser spellcheck to work. It is possible to have both the TinyMCE context menu and still be able to access the browser spellcheck feature in Firefox and IE.

When the contextmenu is added in the plugins list and the "browser_spellcheck" : true option is added the following behavior occurs. In IE and firefox spelling errors are displayed with the red underline. In IE the TinyMCE context menu appears while in the TinyMCE area unless you right click on a misspelled word in which case the browser menu will be displayed. In Firefox the browser menu will not automatically be displayed when on the word but Shift-Right Click is an override for the contextmenu plugin and will bring up the browser menu.

Note: the "gecko_spellcheck" option is no longer used in the version of TinyMCE we ship and "browser_spellcheck" is used instead. It has therefore been removed in the default config. config. config.

If using the spellcheck plugin as part of a purchased a full TinyMCE license you will want to set "browser_spellcheck" : false

Our current shipped default configuration is stored in the following location which will be ovewritten on patch and upgrade

sys_resources\tinymce\js\tinymce_init.js

TinyMCE will by default use the following version and you will have to modify this file to pick up the changes.

rx_resources\tinymce\js\tinymce_init.js

View full information about configuring tinymce at https://help.percussion.com/rhythmyx/implementation/tinymce/index.html

The compare tool page in DCE will now open in the system browser, like the preview a login may be required if there is not an active session open on that browser.

DCE Logging

DCE was previously not automatically logging errors unless its log4j.properties file was modified.
This has been resolved and the config and log locations have been modified
to reduce clutter in the user's home folder.

Previous location of config folder is shown below where {hostname} was the hostname in the url of the server with the '.' replaced with '-' being connected. On the first version there was only one folder .perc_config. Within the config directory a default log4j.properties file is created if it does not already exist. This provides how to split up log files and the amount of files to contain. This will by default log to logs/dce.log file within the config folder. The old config folders can be deleted. If the perc config folder is ever deleted or does not exist it will be automatically created with the current versions default settings.

Windows
%userprofile%\.perc_config_{hostname}
Mac
~/.perc_config_{hostname}/

New Location

Windows
%userprofile%\.perc_config\{hostname}
Mac
~/.perc_config_{hostname}\{hostname}

Updates to SFTP client for latest security

Current security best practices recommend preventing use of older HTTPS protocols and cipher suites. The SFTP client JSCH (http://www.jcraft.com/jsch/) needed to be updated to 1.0.54 to allow connection to servers that have been locked down to the current recommended TLSv1.2 protocol and ciphers.

Error Handling and performance fixes

Removing of Errors from logs that are not really errors and fill up logs Jericho Parsing errors that get thrown on assembly have been removed as they are not really issues in normal running.

When a client, like a browser forcefully disconnects while the server is sending data, a ClientAbortException is thrown in the server.log file. There is nothing the server can do in this case and therefore these exceptions will not show unless debug logging is turned on.

Many customers see an error message saying there is no landing page for a Navon item. These errors are sent to the log every time this item is Assembled within a page. In most cases these are not an error as long as the navigation template has been coded to expect this, e.g. not provide a link in this case or not display the navigation element. There is a setting to turn this off in by changing navon.landingpage.required=false in rxconfig/Server/Navigation.properties. Even when this message is required, it is reported too often and can expand the server logs during publishing. We will now report only 100 of these messages after startup and then will log a final message that no more logging will be done including a link to the configuration file to turn off these messages permanently.

Some ongoing incremental fixes have been made to improve performance of certain areas of code. These may or may not be noticeable based upon the size and particular configuration of the implementation.

Assembly Time Navigation Includes

Information and full instructions for this feature can be found https://help.percussion.com/rhythmyx/implementation/includes

You can now publish the include files that are not in a public state but still filter the assembled contents with the public filter.

In the content list for the include templates Set the filter to "preview" to publish all Navons and NavTree items. This would normally cause the navigation templates to render with links to items in draft state that have not yet been published. To change this behavior so the templates are assembled using the public filter

  1. Edit the include content list.

  2. Click on the "show additional details" link at the bottom of the Page.

  3. In the Extra Parameters box add the following

    assembly_filter=public

  4. In workbench drag the Include template assigned to rffNavon from the assembly design view to rffNavTree content type Allowed Templates folder in Content Design. It may ask you if you want to change to a shared template which you do.

  5. In the location scheme for navtree change the file name from 'include.inc' to include_tree.inc be different from the file name used in the navon include

Additional Step

You need to reinstall the Jetty Service on Unix if you are using it. See the steps above.

For windows in a cmd shell you can update the service

  cd {rhythmyx_install}\jetty\service

install-jetty-service.bat update

Update changes for context menu and spell checking if required in.

rx_resources\tinymce\js\tinymce_init.js

If you want to remove all errors when landing pages are not found for Navon Items you can update rxconfig\Server\Navigation.properties

If using Rhythmyx behind an Apache proxy using mod_proxy you no longer have to copy and modify the jetty.xml file into jetty/base/etc in this version of jetty. To enable the proxy module and to create a configuration file run the following command and remove jetty/base/etc/jetty.xml  

RhythmyxStart.bat --add-to-start=http-forward

or on Linux

./RhythmyxStart.sh --add-to-start=http-forward

This will enable by adding a default configuration file to jetty/base/start.d/http-forwarded.ini.

You can un-comment the lines and change the configuration if you need for your proxy.

To disable you can just remove the jetty/base/start.d/http-forwarded.ini file.

See the following patch for instructions on setting up jetty behind an apache reverse proxy. https://help.percussion.com/rhythmyx/implementation/jetty/using-jetty-with-an-apache-proxy.html